Unanswered Question
May 12th, 2009
User Badges:

Hello Everybody

I have a scenario where a ROUTER-CLIENT utilize DMVPN to connect with another ROUTER that is a ROUTER-CONCENTRATOR-VPN. The routers utilize CERTIFICATE to authenticate the VPN.

I have two valid certificates(certificate 1 and certificate 2) in the both routers ( Client and VPN Concentrator)

I have a tunnel vpn stablish between ROUTER-CLIENT and ROUTER-VPN-CONCENTRATOR authenticated with certificate 1.

Can i change the certificate that VPN is using on router client (example:certificate 1) to certificate 2 within stop the tunnel VPN ?

Once i have two valid certificates on ROUTER CLIENT and on ROUTER VPN CONCENTRATOR can i determine why certificate the router will utilize to start the vpn ?

I try configure a crypto identity like

crypto idendity < NAME >

dn < WORD>

fqdn < WORD >

and associate this identity on crypto ipsec :

crypto ipsec profile VPNONE

set security-association lifetime seconds 7200

set transform set CRYPTOBB

set idendity <NAME>

But wasn't a good test, is possible utilize another configuration ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion